The remote host is missing updates announced inadvisory RHSA-2012:0305.

The boost packages provide free, peer-reviewed, portable C++ sourcelibraries with emphasis on libraries which work well with the C++ StandardLibrary.

Invalid pointer dereference flaws were found in the way the Boost regularexpression library processed certain, invalid expressions. An attacker ableto make an application using the Boost library process a specially-craftedregular expression could cause that application to crash or, potentially,execute arbitrary code with the privileges of the user running theapplication. (CVE-2008-0171)

NULL pointer dereference flaws were found in the way the Boost regularexpression library processed certain, invalid expressions. An attacker ableto make an application using the Boost library process a specially-craftedregular expression could cause that application to crash. (CVE-2008-0172)

Red Hat would like to thank Will Drewry for reporting these issues.

This update also fixes the following bugs:

* Prior to this update, the construction of a regular expression objectcould fail when several regular expression objects were createdsimultaneously, such as in a multi-threaded program. With this update, theobject variables have been moved from the shared memory to the stack. Now,the constructing function is thread safe. (BZ#472384)